Collaborate Disseminate
I’m trying to detect homograph attacks and other attacks where an attacker uses a spoof domain name that looks visually similar to a trusted domain name (e.g., bankofthevvest.com instead of bankofthewest.com).
Is there a dic… Continue reading List of visually similar characters, for detecting spoofing and social engineering attacks
Is there a way for a domain good.com to promise that it will sign all of its DNS records, and that any unsigned records for any host *.good.com should be rejected? In other words, is there a way for a zone to provide a signe… Continue reading Opt into strict DNSSEC checking – does DNSSEC provide a way for a zone to request strict signature validation?
Is there a way for a domain good.com to promise that it will sign all of its DNS records, and that any unsigned records for any host *.good.com should be rejected? In other words, is there a way for a zone to provide a signe… Continue reading Opt into strict DNSSEC checking – does DNSSEC provide a way for a zone to request strict signature validation?
Is there a way to identify which popular sites will host arbitrary user-generated content?
I am doing some analysis to detect phishing sites. It would be nice to use the popularity of a website as a way to weed out sites th… Continue reading Sites that allow user-generated content
Are there any existing data sets of spear phishing emails available?
I’ve found a bunch of data sets of phishing emails, but that’s not what I’m looking for. I’m not looking for mass phishing campaigns. Rather, I’m interested in spear p… Continue reading Spear phishing data set
I am looking for a way to add extra, custom data in a SSL server certificate issued by a standard CA. Is this possible?
I want to get a SSL server certificate issued by a standard CA, so that it’ll be accepted by standard b… Continue reading Custom data in SSL certificate
I’ve been asked by a user whether I would recommend using the Dashlane password manager. I’m aware that other password managers have had some significant security problems, including XSS and CSRF (see below). Is the Dashlan… Continue reading Security analysis of Dashlane
I’ve been asked by a user whether I would recommend using the Dashlane password manager. I’m aware that other password managers have had some significant security problems, including XSS and CSRF (see below). Is the Dashlan… Continue reading Security analysis of Dashlane
I’ve been asked by a user whether I would recommend using the Dashlane password manager. I’m aware that other password managers have had some significant security problems, including XSS and CSRF (see below). Is the Dashlan… Continue reading Security analysis of Dashlane
I’ve been asked by a user whether I would recommend using the Dashlane password manager. I’m aware that other password managers have had some significant security problems, including XSS and CSRF (see below). Is the Dashlan… Continue reading Security analysis of Dashlane